1. Technical Field
The present invention relates to the field of computer science and, more particularly, to computer security through password management.
2. Description of the Related Art
Passwords are an intrinsic part of functioning within a computerized society. Individuals can have many different passwords which are essential to daily activities. For example, a person can have one password to access an automatic teller machine (ATM) account, another password to access a work computer, another for an email account, yet another to access a second email account, and various other passwords to access Web sites, loyalty programs, and other restricted data areas. The person can have difficulty recalling necessary passwords if each utilized password is significantly complex, as secure passwords should be to prevent unauthorized access.
To further complicate matters, computer system passwords often have an associated expiration duration. An expiration duration can be a period of viability for which a password can remain valid. Many systems with expiring passwords maintain a history log so that previously utilized passwords cannot be reused. When systems have a short expiration duration for passwords, system users, not desiring to constantly perform the mental exercise of deriving memorable, complex passwords, typically utilize shortcuts, which can be exploited by unauthorized users.
System user shortcuts can include techniques such as choosing trivial or simplistic passwords, commonly using the same password among different computerized systems, writing down current passwords, and/or creating passwords that the system user will forget and have to later reset. Simplistic passwords can be guessed after a relatively small number of access attempts or can be discovered using password generation programs. Using the same password for different computing systems or accounts can increase the opportunities for non-authorized intrusions into both systems. Commonly used passwords can be especially troublesome when used with two different computer systems, one significantly more secure than the other. For instance, “hackers” may gain access to a highly secure system by using a password acquired from a less secure system. The practice of writing down passwords is flawed as a written password is always subject to detection by observation. Worse, written passwords are often recorded in insecure locations, such as on the computer monitor or by a computer desk, and hence can be easily discovered.
Finally, forgetting passwords is so common that many systems provide a security question that allows users to automatically change their passwords. This practice prevents administrators from having to constantly respond to a multitude of user calls about forgotten passwords and manually reset user accounts. Such security questions are generally simple and contain easily discoverable information like “what is your pet's name,” or “your mother's maiden name.” These security passwords provide an alternative means for circumventing a system's security features. For the aforementioned reasons among others, the password expiration feature within many computer systems, which is intended to increase system security, can actually reduce system security.